From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Tue, 28 May 2024 15:29:33 -0700
Received: from mail-yb1-f186.google.com ([209.85.219.186])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBDSMPXWBREDRBRNV3GZAMGQEM33YLII@googlegroups.com>)
	id 1sC5K1-0007qA-Cj
	for bitcoindev@gnusha.org; Tue, 28 May 2024 15:29:33 -0700
Received: by mail-yb1-f186.google.com with SMTP id 3f1490d57ef6-df7721f2e70sf388270276.0
        for <bitcoindev@gnusha.org>; Tue, 28 May 2024 15:29:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1716935367; x=1717540167; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-sender:mime-version
         :subject:message-id:to:from:date:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=z4S8zB8bx/38qfIVDCOjnlJNcHEKpN3gGs//SWyCm3I=;
        b=ufzgvIa8X8OaXrhgX3G7IPF1S2Wn0WCT6p7W1klO/00PQixVDEYKA1WkAwaT2ZQHTM
         R2m9n5C2svzjfvwbjmMoDy5hvmgNmjS4OAQy7cgf9iW1DYgR9cZ+e1LYVETAg/SqeS86
         lPniNbYrWnjs7GWXZX4RLFbJGbd3sCmR1OyuQFaU2THMrsZiHpDp7Ut3WxTd5Xqz2Zxx
         wSZHbGCy9XyQ4sebDXsrMWk95VGT5w+CwxXNuqOVu4wKmw5iMAqNXS5XJ73D0IyTB9mx
         SasCH0Qc/hEVR1bKVuNcjbJ5ReVku7aoOQ7PycbMRmTbC/49fVk5jOI7qC44A1E+Lvwk
         kZQQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1716935367; x=1717540167; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-sender:mime-version
         :subject:message-id:to:from:date:from:to:cc:subject:date:message-id
         :reply-to;
        bh=z4S8zB8bx/38qfIVDCOjnlJNcHEKpN3gGs//SWyCm3I=;
        b=NtP/t4tp/Y2RbP8CAx1kcazrYWgSz6OFWvpb0u8JqCRJ3Uwpsu12Io8VtFiHSPSuo6
         Be0VTEwp2qGBXtgZeunmFo4cg82RzG5Es/B9huhMbEw/6dCoAoTlYEsosFpPZw9mbbXT
         sZ6NzRuC33q3gunWkhn/m7HSP7ySaKfVGFK8265SWPcXT0BTOsL6fZTdM59UTsEYg4E6
         hJB26X0+gxSf9OmZK+HoiF8vsCaw1vU2w6kegkxXo0rfgA0WLHZ8KsrJwnfQDkGqSiLF
         0im8RwJG4kcgtjBeTFiAPq606fgBG06BhThFncewfcQpUiJ6kIos2MgwpFrpcA8WFeFX
         U3Hw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1716935367; x=1717540167;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-sender:mime-version
         :subject:message-id:to:from:date:x-beenthere:x-gm-message-state
         :sender:from:to:cc:subject:date:message-id:reply-to;
        bh=z4S8zB8bx/38qfIVDCOjnlJNcHEKpN3gGs//SWyCm3I=;
        b=GZMC3r6t4C6QhlxKc9jy9JjajMtPXucJgZ1JL/40OM6i5cEimUi+mKQL9C/Ga2wTGN
         E2I3YI4hnO5F/Isy7r5jkzXV2AQtw5DW8Zu7ztmkS+YMYPXKv/Vfyje8m8zs74vNIJQT
         0x3f2Ha3RB/wAE1R62xLZgB92DxwgdIhIrLG3HbgmMrILx8sxiDKlcXunOBDm+XvMT9w
         fJSxdDnVy9rcFXFqgzvfTwUt8nPFZDHwn1XGMB/XFltdHYQUphyq3oMv5k3JC6lGRJzz
         20lXBfnGMtN1nPLFmg5bIOOzlgZvMP5D8S5eOtwnENWE5L4TPpdBfkWYoxzAj52a8/sl
         T4oQ==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=1; AJvYcCVJVQeRkta9B4LtfcgM0Tspmr85fJesEXaWiWPvbnWm/J/7JRB0T9oOdup5vIKnyuLQ4XkIN8Z/KVwRtuMp0NmUmookcR0=
X-Gm-Message-State: AOJu0YxA/GBkiskMHhAjULo8OLiweE5EDQdPqbmAvdy8nnaWmVmTYFCC
	ut4Zxke0985PF5skm+DUOulyXFqbMxVfssnslIMMHPjsS1Tn3cqK
X-Google-Smtp-Source: AGHT+IFBJilUbdSSg2wxtc6PPIV8uJN8lZW9pzgPtjEAXHey/UpHVsGnDjAl+Oxiu5G3fS4LGzKrTA==
X-Received: by 2002:a25:af13:0:b0:df4:d93b:cabb with SMTP id 3f1490d57ef6-dfa46430361mr385997276.1.1716935367099;
        Tue, 28 May 2024 15:29:27 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a25:7416:0:b0:df4:e354:514c with SMTP id 3f1490d57ef6-df7c6797be7ls321742276.1.-pod-prod-05-us;
 Tue, 28 May 2024 15:29:25 -0700 (PDT)
X-Received: by 2002:a05:6902:1207:b0:df4:ee8a:bfd2 with SMTP id 3f1490d57ef6-df77221652emr3798392276.12.1716935365476;
        Tue, 28 May 2024 15:29:25 -0700 (PDT)
Received: by 2002:a05:690c:2b83:b0:620:26bb:319f with SMTP id 00721157ae682-62a0b4bcbe4ms7b3;
        Mon, 27 May 2024 19:04:51 -0700 (PDT)
X-Received: by 2002:a05:690c:62c8:b0:622:d03f:ebf with SMTP id 00721157ae682-62a08dcb424mr28620017b3.3.1716861890901;
        Mon, 27 May 2024 19:04:50 -0700 (PDT)
Date: Mon, 27 May 2024 19:04:50 -0700 (PDT)
From: Aneesh Karve <aneesh.karve@gmail.com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Message-Id: <6d012560-4a66-4346-a1e8-8d8e5c879b29n@googlegroups.com>
Subject: [bitcoindev] Pre-BIP feedback: Secrets keychain with semantic derivation
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_161068_542952046.1716861890607"
X-Original-Sender: aneesh.karve@gmail.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.5 (/)

------=_Part_161068_542952046.1716861890607
Content-Type: multipart/alternative; 
	boundary="----=_Part_161069_700989787.1716861890607"

------=_Part_161069_700989787.1716861890607
Content-Type: text/plain; charset="UTF-8"

Greetings,

After reading and implementing BIP-85 <https://github.com/akarve/bipsea> I 
entertained the possibility of a generalized keychain application atop 
hierarchical deterministic wallets.

Here is the pre-proposal for said BIP-Keychain on GitHub 
<https://github.com/akarve/bip-keychain>. Below are the Abstract and 
Motivation. See the link above for the full spec.

Let me know if I should proceed to submit this as a proper BIP.

Thank you.


# Abstract

We extend the hierarchical deterministic wallet chain from BIP-32 with a new
application code for BIP-85 and a deterministic path derivation algorithm
that allows applications to create a large key-value map of secrets where 
the key
for each secret is a meaningful semantic path, as opposed to an arbitrary 
integer.
This secure key-value map can replace modern password managers and offers 
an improved, possibly trustless security profile.

# Motivation

BIP-85 specifies how to derive passwords, private keys, and entropy from 
paths
with the following form:

```
m/83696968'/{app_no}'/{index}'
```

Nevertheless BIP-85 has the following ambiguities and shortcomings:

1. Path construction is arbitrary in that there is no well-defined 
procedure to
extend the path for applications that require more than two parameters.
The implied convention is for paths to end with `{some_integer_n}'{index}'`
but there is no guidance on the order of parameters for applications that 
need more
than two inputs.

1. Return types for applications vary in interpretation and are
not specific enough to be actionable. For example sometimes `n` represents 
the
number of bytes, sometimes the number of characters, sometimes the number of
BIP-39 words, etc.

Moreover, modern password managers protect hot child secrets with a single 
root
master hot secret such that if the master secret is compromised all 
children are
also compromised.

BIP-Keychain proposes a new paradigm where numerous hot or cold secrets are 
derived
from hot but non-secret-compromising _derivation path keys_ that are in 
turn stored
under a hot master secret such that if this hot master is compromised only 
the
_derivation path keys_, and not the actual child secrets (_derivation path 
values_),
are compromised. Said hot master secret can itself be the child derivative 
of a
cold master key. The master key for deriving the secret values need not be 
stored
online nor with the derivation path keys and may be provided just-in-time 
by the
application.

Moreover, _generalized derivation paths_ may be interpreted not simply as an
input to key derivation but also as information about the real world. 

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/6d012560-4a66-4346-a1e8-8d8e5c879b29n%40googlegroups.com.

------=_Part_161069_700989787.1716861890607
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Greetings,<div><br /></div><div>After reading and <a href=3D"https://github=
.com/akarve/bipsea">implementing BIP-85</a> I entertained the possibility o=
f a generalized keychain application atop hierarchical deterministic wallet=
s.</div><div><br /></div><div>Here is the <a href=3D"https://github.com/aka=
rve/bip-keychain">pre-proposal for said BIP-Keychain on GitHub</a>. Below a=
re the Abstract and Motivation. See the link above for the full spec.</div>=
<div><br /></div><div>Let me know if I should proceed to submit this as a p=
roper BIP.</div><div><br /></div><div>Thank you.</div><div><br /></div><div=
><br /></div><div># Abstract<br /><br />We extend the hierarchical determin=
istic wallet chain from BIP-32 with a new<br />application code for BIP-85 =
and a deterministic path derivation algorithm<br />that allows applications=
 to create a large key-value map of secrets where the key<br />for each sec=
ret is a meaningful semantic path, as opposed to an arbitrary integer.<br /=
>This secure key-value map can replace modern password managers and offers =
an improved, possibly trustless security profile.<br /></div><div><br /></d=
iv><div># Motivation<br /><br />BIP-85 specifies how to derive passwords, p=
rivate keys, and entropy from paths<br />with the following form:<br /><br =
/>```<br />m/83696968'/{app_no}'/{index}'<br />```<br /><br />Nevertheless =
BIP-85 has the following ambiguities and shortcomings:<br /><br />1. Path c=
onstruction is arbitrary in that there is no well-defined procedure to<br /=
>extend the path for applications that require more than two parameters.<br=
 />The implied convention is for paths to end with `{some_integer_n}'{index=
}'`<br />but there is no guidance on the order of parameters for applicatio=
ns that need more<br />than two inputs.<br /><br />1. Return types for appl=
ications vary in interpretation and are<br />not specific enough to be acti=
onable. For example sometimes `n` represents the<br />number of bytes, some=
times the number of characters, sometimes the number of<br />BIP-39 words, =
etc.<br /><br />Moreover, modern password managers protect hot child secret=
s with a single root<br />master hot secret such that if the master secret =
is compromised all children are<br />also compromised.<br /><br />BIP-Keych=
ain proposes a new paradigm where numerous hot or cold secrets are derived<=
br />from hot but non-secret-compromising _derivation path keys_ that are i=
n turn stored<br />under a hot master secret such that if this hot master i=
s compromised only the<br />_derivation path keys_, and not the actual chil=
d secrets (_derivation path values_),<br />are compromised. Said hot master=
 secret can itself be the child derivative of a<br />cold master key. The m=
aster key for deriving the secret values need not be stored<br />online nor=
 with the derivation path keys and may be provided just-in-time by the<br /=
>application.<br /><br />Moreover, _generalized derivation paths_ may be in=
terpreted not simply as an<br />input to key derivation but also as informa=
tion about the real world.=C2=A0<br /></div>

<p></p>

-- <br />
You received this message because you are subscribed to the Google Groups &=
quot;Bitcoin Development Mailing List&quot; group.<br />
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind=
ev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion on the web visit <a href=3D"https://groups.google.c=
om/d/msgid/bitcoindev/6d012560-4a66-4346-a1e8-8d8e5c879b29n%40googlegroups.=
com?utm_medium=3Demail&utm_source=3Dfooter">https://groups.google.com/d/msg=
id/bitcoindev/6d012560-4a66-4346-a1e8-8d8e5c879b29n%40googlegroups.com</a>.=
<br />

------=_Part_161069_700989787.1716861890607--

------=_Part_161068_542952046.1716861890607--